09c6db7 krainstance: set correct issuer DN in uid=ipakra entry

Authored and Committed by ftweedal 4 years ago
    krainstance: set correct issuer DN in uid=ipakra entry
    
    If IPA CA has custom subject DN (not "CN=Certificate
    Authority,{subject_base}"), the uid=ipakra people entry gets an
    incorrect 'description' attribute.  The issuer DN in the
    'description' attribute is based on the aforementioned pattern,
    instead of the actual IPA CA subject DN.
    
    Update KRAInstance.configure_instance() to require the CA subject DN
    argument.  Update ipaserver.install.kra.install() to pass the CA
    subject DN.
    
    Fixes: https://pagure.io/freeipa/issue/8084
    Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
    
        
file modified
+4 -1